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Method and device for transporting data traffic using the Transmission Control Protocol/Internet Protocol (TCP/IP) between a local 
host (7) and a global host (4), in which method and device, using a table, a local IP address of the local host is converted into a global 
first IP address of the local network in outgoing IP packets, and a global first IP address is converted into a local IP address in the case of 
incoming IP packets. In this table, a row is allocated for the global first IP address (6) of the local network (2) and a column is allocated 
for the second IP address (5) of the global host (4), and the local IP address (8) is placed in a free field of the table, corresponding to the 
connection. As a result, it is possible to set up a large number of connections between local hosts and global hosts, making use of one or 
more global first IP addresses of the local network. 
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WO 99/30467 PCT/NL98/00691 
Method and d evice for converting Internet Protocol addresses 



The present invention relates to a method and a device for transporting data 
traffic using the Transmission Control Protocol/ Internet Protocol (TCP/IP) between at 
least one local host with a local IP address in a local network with at least one global 
5 first IP address and at least one global host with a global second IP address, comprising 
the steps of: 

i) in a table, allocating the at least one global first IP address of the local 

network to a connection between the at least one local host and the at least 
one global host; and 

10 ii) using the table to convert the at least one local IP address into the at least 

one global first IP address in the event of data traffic towards the at least 
one global host, and converting the at least one global first IP address into at 
least one local IP address in the event of data traffic towards the at least one 
local host. 

15 Methods and devices of this nature are used to convert a local IP address 

into a global IP address, allowing a local host to communicate across the global network 

(for example the Internet). 

Hosts can only communicate with one another correctly if agreements are 

made concerning the manner in which this is to take place. The said agreements are 
20 recorded in protocols, and for an increasing number of networks, and networks which 

are connected to the Internet, the said protocol is TCP/IP (Transmission Control 

Protocol/Internet Protocol). 

In a TCP/IP network, every host on the network is given its own address, the 

IP address. The IP address is added to every piece of information which is destined for 
25 the said host and to every piece of information which emanates from the said host. 

The IP address is unique within the network of which the host forms part, a 

locally unique IP address. If the network is coupled to other networks, the host can only 

communicate with hosts in other networks if its IP address is unique within all the 

networks which are coupled to one another. If we are talking about the Internet, the 
30 worldwide network of networks which are coupled to one another, the IP address has to 

be unique throughout the entire world. We are then talking of a globally unique IP 

address. 

The IP address comprises four numbers which each vary from 0 to 255 and 
arc separated by dots. These four numbers arc not arbitrary, but rather arc the 
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determining factor for the route which an information packet takes in order to arrive at 
the correct place. Routers decide, on the basis of the initial numbers of the IP address, 
where the IP packet is destined for. 

The IP address comprises a network address and a host number. The network 
5 address identifies a network and is used by routers for routing IP packets to the said 
network. The host number is used within the network for numbering hosts within the 
said network. Sometimes, the network is further subdivided into smaller networks, and 
the host number is divided into subnetwork address and host number. The width of the 
two address parts is variable. In an A-address, the first number is the network address 
10 (n.h.h.h), in a B-address, the first two numbers form the network address (n.n.h.h), and 
in a C-address the network address is formed by the first three numbers (n.n.n.h). It will 
be clear that networks with A- and B-addresses are generally further subdivided into 
subnetworks. 

IP addresses are closely related to the topology of the network, because the 
15 numbering is the determining factor for the routing of information packets to the 
destination. Therefore, issuing IP addresses constitutes an important task in the 
administration of TCP/IP networks. For the Internet, the Network Information Centre 
(NIC) administers the IP addresses. The NIC issues network addresses in the three types 
mentioned above: A-addresses (these are no longer supplied), B-addresses (these are 
20 only seldom supplied) and C-addresses (these are supplied, sometimes in successive 
series). From this, it can be deduced that free, globally unique IP addresses are 
becoming scarce. The situation in practice is that supply does not generally meet 
demand. 

In the TCP/IP world, a few network addresses are reserved for allocation 
25 within closed TCP/IP networks (locally unique IP addresses). Organizations which 
design their own network use these IP addresses, which never reach the Internet. 
Consequently, the network is able to connect to the Internet at a later stage without the 
risk of globally unique IP addresses already being used internally. On the other hand, 
direct coupling to another closed network in fact entails a considerable risk of IP 
30 addresses occurring twice, which represents a serious difficulty in achieving coupling 
and sometimes even makes it impossible. 

In order to gain access to the Internet, a host has to acquire a globally 
unique IP address. This results in routing problems, since the routers in the network 
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have to deliver information packets to the destination using the IP address, and the IP 
addresses will generally not fit unambiguously into the addressing scheme. The globally 
unique IP addresses therefore have to be routeable, and this means that the addresses 
often cannot be allocated to the hosts for which they are desired. 
5 In the first instance, the addressing scheme of a network is often partly 

adapted to the organization structure. When internal organization takes place, this direct 
relationship becomes blurred, unless considerable effort is made to reorganize the IP 
addressing scheme. 

It has been attempted to solve this problem relating to addressing of hosts in 

10 a local network by means of Network Address Translators (NAT). These couple the 
local address of a local host to a global IP address, with the result that every local host 
can in principle communicate across the global network, for example the Internet. 
Various types of NATs are known. 

A static NAT contains a fixed translation table which states which global IP 

15 address each local host is given during communication with the global network. As a 
result, it is also possible to call servers on the local host directly from the global 
network. This method means that there is no need for readdressing of the local host. 
However, it does contain the drawbacks that communication with the global network is 
only possible for the designated hosts and that the number of local hosts able to 

20 communicate with the global network is determined by the number of available IP 
addresses of the local network. 

A dynamic NAT provides all local hosts with the possibility of 
communicating with the global network. As soon as a local host wants a connection to 
the global network, the NAT allocates a free IP address and, from that moment, 

25 translates the local IP address into the free IP address, and vice versa. This has the 
advantage that all local hosts are able to communicate with the global network. Just as 
for the static NAT, there is no need for readdressing of the local host. A drawback is 
that the number of hosts able to communicate simultaneously with the global network is 
determined by the number of available IP addresses of the local network. Furthermore, 

30 in this case, in contrast to the static NAT, servers on the local host cannot be called 
directly from the global network. 

IP packets incorporate checksums for checking whether an IP packet has 
reached its destination intact. Since NATs change the content (only the address content), 
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it is also necessary to adapt the checksum in the IP packet. 

The object of the present invention is to provide a method for converting IP 
addresses which combines the advantages which have been mentioned and eliminates the 
drawbacks. 

This object is achieved by means of a method of the type described in the 
preamble, in which in step i), in the table, a row is allocated for the at least one global 
first IP address of the local network and a column is allocated for the at least one global 
second IP address, and the at least one local IP address is placed in a free field of the 
table, corresponding to the connection. 

The method according to the invention makes it possible, with one unique 
global IP address of the local network, to maintain a virtually unlimited number of 
connections between a local host and global hosts. This is possible owing to the fact that 
the table can always be extended by additional columns for another global second IP 
address of a global host. It is also possible for various local hosts in the local network to 
be able to communicate simultaneously with various global hosts in the global network. 
The only restriction is that one global host cannot simultaneously communicate with a 
plurality of local hosts via the one unique global IP address, since in that case it is not 
possible to determine which local host an incoming IP packet is destined for. 

It should be noted that the terms "row" and "column" in a table are not 
intended to be limiting expressions: they are merely used in order to define that there are 
different parameters along the different axes of the table, and not to introduce limitation 
relating to precisely what is defined along the horizontal axis and what is defined along 
the vertical axis. In this sense, "row" and "column" are mutually interchangeable terms. 

A significant advantage of the method according to the invention is that it is 
entirely transparent to the user of the local host. This user does not have to make any 
changes in the settings of the host, since IP packets are customarily received and 
transmitted with the local IP address thereof. The conversion of IP addresses takes place 
at the outer limit of the local network, at the connection of the local network to the 
global network. 

Sometimes, it is necessary, in a local network, for a specific host to obtain 
direct access from the global network. This host must then be given a globally unique IP 
address which has to be fitted into the existing TCP/IP network. Since the IP address 
contains the information which is used to route IP packets, an address cannot be 
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allocated to any arbitrary host, with the result that fitting in globally unique IP addresses 
requires considerable effort. The method according to the invention allows every host in 
the local network to communicate with a host in the global network, with the result that 
it is not necessary to allocate a globally unique IP address to specific hosts in the local 
5 network. 

Generally, when setting up TCP/IP networks, unique IP addresses are 
allocated to all hosts in the network. In the event of reorganization, there may be 
considerable consequences for the addressing scheme. If the method according to the 
invention is employed, it is easy to make "moveable" subnetworks, with the result that 

10 the addressing scheme can be adapted more easily. 

In a preferred embodiment of the method according to the invention, in step 
i), in the table, two or more separate rows are allocated for two or more global first IP 
addresses of the local network and the at least one local IP address is placed in a free 
field of the table, corresponding to the connection. Since a plurality of global first IP 

15 addresses are available to the local network, there may simultaneously be connections 
between the same global host and a plurality of local hosts. The only remaining 
restriction is that the number of simultaneous connections between one specific global 
host and different local hosts is determined by the number of global first IP addresses of 
the local network which are available. 

20 In a further embodiment of the invention, the allocation of the at least one 

global first IP address of the local network remains valid at least throughout the time 
span of the connection. However, the fields in the table are maintained. As soon as there 
are no longer any free fields available in a column of a table for setting up a new 
connection, a field belonging to a connection which is no longer current is cleared, so 

25 that the new connection can be set up. This dynamic allocation of global first IP 

addresses of the local network ensures that the number of possible connections between 
hosts in a local network and global hosts is in effect unlimited. 

If a global host wants to make a connection to a local host, of which a 
domain name in the local network is known, it is necessary to carry out an interim step 

30 in order to set up the connection. 

In known NATs, a gate number is used to identify a local host. These NATs 
are also known as Proxy Servers. Each local host is approached from global hosts with 
the IP address of the Proxy Server, using a gate number to indicate which host/server 
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combination is intended. At Proxy Servers, the number of local host/server combinations 
with which communication is possible is determined by the number of available gates. 

According to a further embodiment of the invention, if a connection between 
a global host and a local host is initiated by the global host sending an IP packet with a 
DNS query (Domain Name Server Query - a request to supply an IP address for a 
domain name) to the local network, the IP packet with the DNS query is answered with 
a reference to the allocated global first IP address of a second local host which is acting 
as a DNS host. For this purpose, the DNS query is not transmitted to the local network, 
but rather is dealt with entirely in accordance with the method of the invention. To this 
end, the local IP address of a second local host, which is acting as a DNS host, is 
directly allocated to a field in the table, and then an IP packet is sent back to the global 
host as a response, providing a reference to the global IP address which, according to the 
table, belongs to the local DNS host. As a result, the global host can and will (using the 
method of the standard DNS protocol) then direct its DNS query to the second local 
host, which is acting as a DNS host. The DNS query comprises the domain name of the 
local host to which the global host wishes to set up a connection. As a response to the 
DNS query, the DNS host sends an IP packet to the global host, containing the local IP 
address of the local host. Using the method of the invention, the local IP address in this 
outgoing IP packet is allocated to a field in the table and is converted into a global IP 
address of the local network in order to be transmitted on the global network. As a 
result, the connection is established and the global host is able to communicate with the 
local host via the allocated global IP address of the local network. An important 
advantage in this context is that neither the local host nor the global host needs any 
adaptations or special provisions. This is because searching for the connection via the 
domain name at a DNS host is a standard functionality for TCP/IP client applications. 

In a further embodiment of the invention, the at least one global host with a 
global second IP address is a further local network with at least one global third IP 
address. As a result, it is possible to leave the internal addressing of the two local 
networks unaltered and yet to run unlimited communication between the local networks 
via a unique C-address. In this case, it is possible to set up connections, a connection 
being set up just as described above via a local DNS host and a domain name. 

In a further embodiment of the method according to the invention, the steps 
i) and ii) are carried out at application level. In some applications, one or more IP 
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addresses are incorporated in the information of IP packets and not only in the route 
information. An example of this is the DNS (Domain Name Server) application, which 
ensures that readable names (www.aaa.nl) can be used instead of IP addresses. In this 
case, the information which is transported in the IP packets may contain IP addresses. 
Another example is the File Transfer Protocol (FTP) application, which allows files at 
global hosts to be viewed, removed, sent and/or returned. For certain actions, IP 
addresses are exchanged as information in the IP packets. 

If it is not clear whether the global second IP address of a global host is 
already in use in the local network, according to an embodiment of the method 
according to the invention an alias address is allocated to this global host, after which 
this alias address is used for converting IP addresses. As a result, each global host has 
an IP address which is guaranteed unique within the local network, and there is no 
possibility of conflicts between identical local and global IP addresses. In this case, the 
alias addresses are allocated per local host, with the result that a global host may have a 
plurality of alias addresses. 

In a second aspect, the invention provides a device for transporting data 
traffic using the Transmission Control Protocol/ Internet Protocol (TCP/IP) between at 
least one local host with a local IP address in a local network with at least one global 
first IP address and at least one global host with a global second IP address, the device 
being provided with computer means for carrying out the steps of: 

i) in a table, allocating the at least one global first IP address of the local 
network to a connection between the at least one local host and the at least 
one global host; and 

ii) using the table to convert the at least one local IP address into the at least 
one global first IP address in the event of data traffic towards the at least 
one global host, and converting the at least one global first IP address into at 
least one local IP address in the event of data traffic towards the at least one 
local host, 

characterized in that the computer means in step i), in the table, allocate a row for the at 
least one global first IP address of the local network and allocate a column for the at 
least one global second IP address and place the at least one local IP address in a free 
field of the table, corresponding to the connection. 

This device may be implemented as a separate device, positioned at the 
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boundary between the local network and the global network, or may be integrated in the 
interface between the local network and the global network. 

The invention will now be explained with reference to the appended 
drawings, in which: 

5 Fig. 1 diagrammatically depicts a local network connected to a global 

network; 

Fig. 2 shows a flow diagram for the method of the invention for outgoing IP 

packets; 

Fig. 3 shows a flow diagram for the method of the invention for incoming IP 

10 packets; 

Fig. 4 shows an embodiment of a table which is used by the method. 
Fig. 1 diagrammatically depicts a local host network 2 which is able to 
communicate with a global network 3 via computer means 30, which are preferably 
designed as an interface or router, and a connection 9. The local network 2 comprises 

15 one or more local hosts 7, 7a, which are mutually connected via a network. In general, 
the connections in the global network 3 run via nodes, by means of which (local) 
networks and/or hosts are connected to one another in various types of configuration 
(star, loop, etc.). For the sake of clarity, this is illustrated in highly simplified form in 
the figure. Global hosts 4 in the global network 3 (one of which is shown in the figure, 

20 for the sake of clarity) are identified by a globally unique Internet Protocol (IP) address 
5. The local network 2 is also identified by at least one globally unique IP address 6. If 
this is a so-called C-address (comprising four numbers, separated by dots, the first three 
of which identify the local network and the last of which indicates a host), 
communication from the global network 3 with the local network 2 is possible via a 

25 plurality of IP addresses 6, the first three numbers of which are identical. The local hosts 
7, 7a in the local network (two of which are shown in the figure) have locally unique IP 
addresses 8, 8a. According to the TCP/IP protocol, these locally unique IP addresses 8, 
8a do not occur in the global network 3 but may be used in other similar local networks 

30 Fig. 1 also shows a further local network 2', which may be constructed in 

the same way as local network 2. However, different local networks 2, 2' may comprise 
different numbers and types of hosts, as well as different internal network architectures. 
Components of the further local network 2' which are provided with reference numerals 
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with an added accent arc the same as the components in local network 2 which have the 
same reference numeral without the accent. 

The method according to the invention is preferably implemented as a 
software module in the computer means 30, which are designed as an interface or router 
5 of the local network 2, the operations of IP packets taking place before they are 

presented to the connection 9 or immediately after they are received from the connection 
9. In an embodiment of the device according to the invention which is not illustrated, 
the device is an independent unit which is positioned between the interface or router 30 
of the local network 2 and the connection 9 to the global network 3. 

10 An example of the table as used by the method according to the invention is 

shown in Fig. 4. The examples as shown therein will be used for explanation purposes in 
the following description. 

Fig. 2 shows the flow diagram according to the method of the invention for 
data traffic of IP packets from a local host 7 to a global host 4. 

15 In block 10, an IP packet is received from a local host 7, just before it is 

sent to the global network 3 via a connection 9. Decision block 11 checks whether the 
IP address 5 of the global host 4 (the destination of the said IP packet) already forms a 
column in a table with connections which are already current. For example, in Fig. 4 the 
IP address 145.5.4.23 forms a column in the table. 

20 If this is not the case (there is currently no connection between the local 

network 2 and the global host 4), a column is formed in the table for the relevant global 
IP address 5 of the global host 4 in block 13. In block 14, the IP address 8 of the local 
host 7 is placed on a free field in the relevant column with the global IP address 5 of 
the table. The row of the table then gives the global IP address 6 of the local network 2 

25 for communication with the global network 3. This is carried out, for example, in the 
table in Fig. 4, where a column is made in the table for the IP address 5 of the global 
host 4 (125.3.12.4) and where the IP address 8 of the local host 7 (for example 10.2.1.1) 
is placed on a free field in this column. The row then indicates the associated global IP 
address 6 of the local network 2 (145.3.20.1). 

30 If the result of decision block 11 is affirmative, the method continues with 

decision block 12. Decision block 12 checks whether the IP address 8 of the local host 7 
is present in the column with the relevant global IP address 5. If not, the flow diagram 
continues further with block 14, which has already been described above. 
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If the result of decision block 12 is positive (i.e. the connection already 
exists), and following block 14 (in the case of a new connection), in block 15 in the IP 
packet the IP address 8 of the local host 7 (the source of this IP packet) is replaced by 
the global IP address 6 of the local network 2, which is indicated as a row in the table. 
5 Then, the checksum of the IP packet is adapted (block 16), after which, in block 17, the 
IP packet is sent to the global network 3 via the connection 9. The cycle can then be 
repeated starting from block 10. 

In the table shown in Fig. 4, a column for global IP address 5 (145.5.4.23) 
of global host 4 already existed. In decision block 12, it is found that, by way of 

10 example, a connection for local host 7 with IP address 8 (for example 10.2.1.1) already 
exists (via global IP address 145.3.20.1) but there is not as yet a connection for another 
local host (not shown) with a different IP address (10.2.1.13). In the former case, the 
method is continued with blocks 15, 16 and 17, while in the latter case, in accordance 
with block 14, the local IP address 8 (10.2.1.13) is placed in a free field in the relevant 

15 column (145.5.4.23), for example in the row with global IP address 6 (145.3.20.5). 

According to a preferred embodiment of the invention, the operations in 
blocks 12, 14, 15 and 16 in Fig. 2 also work at application level, i.e. at IP addresses 
which are present as information in IP packets. As a result, applications at hosts which 
send information about IP addresses as information in IP packets will function correctly. 

20 One example of this is the DNS (Domain Name Server) application, which ensures that 
readable names (www.aaa.nl) can be used instead of IP addresses. In this case, the 
information which is transported may contain IP addresses in the IP packets. 

Fig. 3 shows the flow diagram according to the method of the invention for 
data traffic comprising the transfer of IP packets from a global host 4 to a local host 7 

25 in a local network 2. This process takes place simultaneously with and parallel to the 
processing of outgoing IP packets. 

In block 21, the IP packet emanating from a global host 4 is received before 
it is transmitted further into the local network 2. This IP packet contains a global IP 
address 6 of the local network 2 as the destination address. Decision block 22 checks 

30 whether the connection between the global host 4 and the local host 7 in the local 

network 2 already exists, by checking whether the table gives a local IP address 8 in the 
row with the global IP address 6 of the local network 2 and the column with the global 
IP address 5 which indicates which global host 4 the IP packet is from. If the connection 
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already exists, in block 23, the global IP address 6 of the local network 2 in the IP 
packet is replaced by the local IP address 8 of the Local host 7. To do this, the 
abovementioned table is used. Then, in block 24, the checksum of the IP packet is 
adapted. Finally, in block 25, the IP packet is sent to the local network 2, after which 
5 the cycle can begin again at block 21. 

If the connection did not previously exist, and therefore the result of decision 
block 22 is negative, it is assumed that the global host 4 knows the domain name of the 
local host 7. Then, in decision block 26, it is checked whether the IP packet received 
from the global host 4 is a so-called DNS query. A DNS query (Domain Name Server 

10 query) is a request for a domain name to supply an IP address. In the event of a positive 
result from decision block 26 (the IP packet is a DNS query), the IP packet is not 
transmitted further towards the local network 2, but rather, in block 27, the local IP 
address 8a of the second host 7a, which is acting as a DNS host, is allocated, according 
to the method of the invention, to a field in the table and is converted into a global IP 

15 address 6 of the local network 2, after which the DNS query is answered (DNS 

response) in block 29 with a reference to the global IP address 6 of the host 7a. After 
the DNS response has been received, the global host 4 directs the same DNS query 
(according to the method of the standard DNS protocol) to the global IP address 6 which 
is given in the reference in the DNS response. According to the method of the invention, 

20 this incoming IP packet is processed and sent on towards the second host 7a, which is 
acting as a DNS host. In the event of a negative result, the IP packet is sent on 
unchanged towards the local network 2 in block 28; this may, for example, be the case if 
the local host 7 has a globally unique IP address. 

The DNS query contains the domain name of the local host 7 to which the 

25 global host 4 wishes to set up a connection. As a response to the DNS query, the DNS 
host sends an IP packet to the global host 4, containing the local IP address 8 of the 
local host 7. Using the method of the invention, the local IP address 8 in this outgoing 
IP packet is allocated to a field in the table and converted into a global IP address 6 of 
the local network 2 in order to be sent to the global network. As a result, the connection 

30 is established and the global host 4 is able to communicate with the local host 7 via the 
allocated global IP address 6 of the local network 2. 

If, by way of example, an IP packet is received from a global host with a 
global IP address (198.43.42.190) addressed to a global IP address 6 of the local 
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network 2 (145.3.20.2), it can be seen from the table shown in Fig. 4 that this 
connection already exists, and the IP packet is to be transmitted to the local host with 
local IP address (10.1.2.5). If an IP packet is received from a global host with global IP 
address (125.3.12.4) addressed to global IP address 6 of the local network 2 
(145.3.20.3), it can be seen from the table shown in Fig. 4 that this connection does not 
yet exist. According to the method of the invention, it is then checked whether the IP 
packet in question is a DNS query. If so, a response is sent containing a reference to the 
global IP address 6 allocated to a local second host 7a which is acting as a DNS host 
(for example 145.3.20.5 if the local IP address of the second local host 7a which is 
acting as a DNS host is 10.2.1.4). In reaction to this, the global host 4 sends the DNS 
query to the local DNS host 7a by directing the DNS query to the IP address 
(145.3.20.5) to which the response referred. Then, the second local host 7a (with local IP 
address 10.2.1.4) sends a response to the DNS query to the global host 4. For this 
outgoing IP packet, the flow diagram shown in Fig. 2 is run through as described above. 

According to a preferred embodiment of the invention, the operations in 
blocks 22, 23, 24, 26 and 27 in Fig. 3 also work at application level, i.e. at IP addresses 
which are present as information in IP packets. As a result, applications at hosts which 
send information about IP addresses as information in IP packets will function correctly. 

The method according to the invention makes it possible to maintain a 
virtually unlimited number of connections between local hosts 7 and global hosts 4 using 
one unique global IP address 6. This means that different local hosts 7 in the local 
network 2 are able to communicate simultaneously with different global hosts 4 in the 
global network 3. The only restriction is that one global host 4 cannot communicate 
simultaneously with a plurality of local hosts 7 via one unique global IP address 6, 
because in that case, in the event of an incoming IP packet, it is not possible to 
determine which local host 7 this IP packet is destined for. This is because there is only 
one field available at the intersection of each row and each column, so that it is only 
possible to refer to one local host 7. However, if a plurality of different global IP 
addresses 6 are available on the local network 2, these simultaneous connections may 
indeed exist, with the result that the number of possible connections is in fact unlimited. 
This can easily be seen from the table shown in Fig. 4, in which columns can always be 
added for each new global host 4 with which a local host 7 in the local network 2 
wishes to communicate. 
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A significant advantage of the method according to the invention is that it is 
entirely transparent to the user of the local host 7 and the global host 4. This user does 
not have to make any changes in the settings of the host 4, 7, since IP packets are 
customarily received and transmitted with the local IP address 8 thereof. The conversion 
5 of IP addresses takes place at the connection of the local network 2 to the global 
network 3. 

Sometimes, it is necessary, in a local network 2, for a specific host 7 to 
obtain direct access from the global network 3. This host must then be given a globally 
unique IP address, which has to be fitted into the existing TCP/IP network. Since the IP 

10 address contains the information which is used to route IP packets, an address cannot be 
allocated to any arbitrary host, with the result that fitting in globally unique IP addresses 
requires considerable effort. The method according to the invention allows every host in 
the local network 2 to communicate with a host in the global network 3, with the result 
that it is not necessary to allocate a globally unique IP address to specific hosts in the 

15 local network. 

Generally, when setting up TCP/IP networks, unique IP addresses are 
allocated to all hosts in the network. In the event of reorganization, there may be 
considerable consequences for the addressing scheme. If the method according to the 
invention is employed, it is easy to make "moveable" subnetworks, with the result that 

20 the addressing scheme can be adapted more easily. 

In a preferred embodiment of the invention, the connections in the table 
mentioned above continue to exist at least until a predetermined time span after the last 
communication on the connection in question has elapsed. After the predetermined time 
span has elapsed, the connection js considered no longer necessary. However, the field 

25 in the table (see Fig. 4) of the connection in question is only removed when there are no 
longer any free fields in the relevant column of the table. This dynamic allocation of 
global IP addresses 6 of the local network 2 ensures that the number of possible 
connections between hosts 7 in a local network 2 and global hosts 4 is virtually 
unlimited. 

30 In a further embodiment of the invention, the method is used to make a 

connection between two or more local networks 2, 2'. This can be achieved by allowing 
connections to run via the at least one global IP address 6, 6' of the local networks. 
Since the local hosts 7, T in the local networks 2, T do not have any unique global IP 
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addresses, in this case the DNS queries mentioned above must always be used. 

If the IP address 5 of the global host 4 is in use within the local network 2, 
an alias address for the IP address 5 of the global host 4 may be incorporated in the 
table in addition to the local IP address 8 of the local host 7, so that conflicts caused by 
5 identical global IP addresses of a global host 4 and a global IP address of a local host 7 
cannot arise. For this purpose, an additional conversion block must be added to the flow 
diagram shown in Figs. 2 and 3 (after block 15 or block 23, respectively), in which 
additional block, in the event of incoming and outgoing IP packets, the IP address 5 of 
the global host 4 is replaced by the alias IP address. 

10 The method according to the invention can be implemented as a software 

module in the computer means 30, which are preferably designed as an interface or 
router of the local network 2 and which connect the local network 2 to the global 
network 3. According to an embodiment of the invention, the method may also be 
implemented in a separate device (not shown), provided with computer means and 

15 TCP/IP interface means, positioned between the interface or router 30 of the local 
network 2 and the connection 9 to the global network 3. 
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Claims 

1. Method for transporting data traffic using the Transmission Control 
Protocol/Internet Protocol (TCP/IP) between at least one local host with a local IP 
address in a local network with at least one global first IP address and at least one 

5 global host with a global second IP address, comprising the steps of: 

i) in a table, allocating the at least one global first IP address of the local 
network to a connection between the at least one local host and the at least 
one global host; and 

ii) using the table to convert the at least one local IP address into the at least 
10 one global first IP address in the event of data traffic towards the at least 

one global host, and converting the at least one global first IP address into at 
least one local IP address in the event of data traffic towards the at least one 
local host, 
characterized in that 

15 in step i), in the table, a row is allocated for the at least one global first IP address (6) 
of the local network (2) and a column is allocated for the at least one global second IP 
address (5), and the at least one local IP address (8) is placed in a free field of the table, 
corresponding to the connection. 

2. Method according to Claim 1, characterized in that in step i), in the table, 
20 two or more separate rows are allocated for two or more global first IP addresses (6) of 

the local network (2) and the at least one local IP address (8) is placed in a free field of 
the table, corresponding to the connection. 

3. Method according to Claim 1 or 2, characterized in that the allocation of the 
at least one global first IP address (6) of the local network (2) in the table remains valid 

25 at least throughout the time span of the connection. 

4. Method according to Claim 1, 2 or 3, characterized in that, if a connection 
between a global host (4) and a local host (7) is initiated by the global host (4) sending 
an IP packet with a DNS query to the local network (2), the IP packet with the DNS 
query is answered with a reference to an allocated global first IP address (6) of a second 

30 local host (7a) which is acting as a DNS host, 

5. Method according to one of Claims 1 to 4, characterized in that the at least 
one global host (4) with global second IP address (5) is a further local network (2') 



WO 99/30467 PCT/NL98/00691 

16 

with at least one global third IP address (6 1 ). 

6. Method according to one of Claims 1 to 5, characterized in that the steps i) 
and ii) are carried out at application level. 

7. Method according to one of Claims 1 to 6, characterized in that, if the global 
second IP address (5) of the global host (4) is in use within the local network (2), an 
alias address for this IP address (5) of the global host (4) is incorporated in the table. 

8. Device for transporting data traffic using the Transmission Control 
Protocol/Internet Protocol (TCP/IP) between at least one local host with a local IP 
address in a local network with at least one global first IP address and at least one 
global host with a global second IP address, the device being provided with computer 
means for carrying out the steps of: 

i) in a table, allocating the at least one global first IP address of the local 
network to a connection between the at least one local host and the at least 
one global host; and 

ii) using the table to convert the at least one local IP address into the at least 
one global first IP address in the event of data traffic towards the at least 
one global host, and converting the at least one global first IP address into at 
least one local IP address in the event of data traffic towards the at least one 
local host, 

characterized in that the computer means (30) in step i), in the table, allocate a row for 
the at least one global first IP address (6) of the local network (2) and allocate a column 
for the at least one global second IP address (5) and place the at least one local IP 
address (8) in a free field of the table, corresponding to the connection. 
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